diff options
Diffstat (limited to 'spec/policies/group_policy_spec.rb')
-rw-r--r-- | spec/policies/group_policy_spec.rb | 69 |
1 files changed, 2 insertions, 67 deletions
diff --git a/spec/policies/group_policy_spec.rb b/spec/policies/group_policy_spec.rb index 4d72de27046..cb7884b141e 100644 --- a/spec/policies/group_policy_spec.rb +++ b/spec/policies/group_policy_spec.rb @@ -19,6 +19,7 @@ RSpec.describe GroupPolicy, feature_category: :system_access do expect_disallowed(*maintainer_permissions) expect_disallowed(*owner_permissions) expect_disallowed(:read_namespace) + expect_disallowed(:read_namespace_via_membership) end end @@ -34,6 +35,7 @@ RSpec.describe GroupPolicy, feature_category: :system_access do expect_disallowed(*maintainer_permissions) expect_disallowed(*owner_permissions) expect_disallowed(:read_namespace) + expect_disallowed(:read_namespace_via_membership) end end @@ -1099,73 +1101,6 @@ RSpec.describe GroupPolicy, feature_category: :system_access do end end - describe 'observability' do - let(:allowed_admin) { be_allowed(:read_observability) && be_allowed(:admin_observability) } - let(:allowed_read) { be_allowed(:read_observability) && be_disallowed(:admin_observability) } - let(:disallowed) { be_disallowed(:read_observability) && be_disallowed(:admin_observability) } - - # rubocop:disable Layout/LineLength - where(:feature_enabled, :admin_matcher, :owner_matcher, :maintainer_matcher, :developer_matcher, :reporter_matcher, :guest_matcher, :non_member_matcher, :anonymous_matcher) do - false | ref(:disallowed) | ref(:disallowed) | ref(:disallowed) | ref(:disallowed) | ref(:disallowed) | ref(:disallowed) | ref(:disallowed) | ref(:disallowed) - true | ref(:allowed_admin) | ref(:allowed_admin) | ref(:allowed_admin) | ref(:allowed_read) | ref(:disallowed) | ref(:disallowed) | ref(:disallowed) | ref(:disallowed) - end - # rubocop:enable Layout/LineLength - - with_them do - before do - stub_feature_flags(observability_group_tab: feature_enabled) - end - - context 'admin', :enable_admin_mode do - let(:current_user) { admin } - - it { is_expected.to admin_matcher } - end - - context 'owner' do - let(:current_user) { owner } - - it { is_expected.to owner_matcher } - end - - context 'maintainer' do - let(:current_user) { maintainer } - - it { is_expected.to maintainer_matcher } - end - - context 'developer' do - let(:current_user) { developer } - - it { is_expected.to developer_matcher } - end - - context 'reporter' do - let(:current_user) { reporter } - - it { is_expected.to reporter_matcher } - end - - context 'with guest' do - let(:current_user) { guest } - - it { is_expected.to guest_matcher } - end - - context 'with non member' do - let(:current_user) { create(:user) } - - it { is_expected.to non_member_matcher } - end - - context 'with anonymous' do - let(:current_user) { nil } - - it { is_expected.to anonymous_matcher } - end - end - end - describe 'dependency proxy' do RSpec.shared_examples 'disabling admin_package feature flag' do before do |